‘Revival Hijack’ on PyPI Disguises Malware with Legitimate File Names

September 4, 2024 at 04:43PM Security researchers have discovered a concerning method for attackers to distribute malicious payloads through the PyPI package repository. By re-registering a removed package under the same name, adversaries can pass off rogue packages as legitimate ones. This “Revival Hijack” method poses a clear threat, with 120,000 abandoned packages susceptible to …

Revival Hijack supply-chain attack threatens 22,000 PyPI packages

September 4, 2024 at 09:49AM Threat actors are exploiting the “Revival Hijack” attack to register new PyPI projects using the names of previously deleted packages, potentially leading to malicious package downloads. Recently leveraged in the wild, this technique highlights the need for developers to take action to mitigate the threat, including using package pinning and verifying …